The intelligence community, as part of a new interagency effort to counter cyberspying, will consider feeding questions to U.S. attorneys for suspects to aid espionage investigations, federal officials said on Wednesday.

Officials announced the "Administration Strategy on Mitigating the Theft of U.S. Trade Secrets" the day after Mandiant, a highly-regarded computer forensics firm, released data linking the Chinese army to a massive cyberespionage operation against American companies. In unveiling the plan, the attorney general and a State Department undersecretary mentioned crimes perpetrated by Chinese hackers, but did not focus on that specific threat.

Counterintelligence officers "are considering an expansion of collaboration" where they could “introduce questions for attorneys to pose to offenders during the investigation process,” according to the strategy.

Another tactic could be examining ways to tie plea bargains and sentencing decisions to suspects' willingness to cooperate with counterintelligence officers during damage assessments, the plan adds.

Frank Montoya, national counterintelligence executive for the Office of the Director of National Intelligence, said the intelligence community's role is to identify in instances when there is a foreign nexus, the nations that "are taking advantage of us from a trade secrets perspective.” Montoya's office in 2011 made the first U.S. government accusation naming "Chinese actors" as the "world’s most active and persistent perpetrators of economic espionage."

Beyond coordinating more inside the government, DNI also must cooperate better with corporate targets, Montoya added.

"The key element of this effort is working together," he said. "It is important that we are able to take the information that we have and share it with those that are most affected." He did not specify what types of intelligence DNI will be willing to share.

The strategy, however, raises concerns about past public-private efforts to understand the data theft problem and alert companies to the risks.

"Despite stringent reporting requirements" for cleared defense contractors, the Defense Security Service "reports that only 10 percent of [contractors] actually provide any sort of reporting in a given year," the plan states.

Corporate security officers have told the government that reporting is too cumbersome and often redundant, with Defense and the FBI seeking the same data but in different formats, according to the report.

The defense industrial base, an estimated $400 billion sector, has at its fingertips a mounting supply of government information and intellectual property stored on unclassified computers, the strategy notes.

Apparently, Obama administration leaders, guided by U.S. IP Enforcement Coordinator Victoria Espinel, had been drafting the plan for months ahead of yesterday’s China hacking report, and did not cite the Mandiant study.

The 76-page paper accuses the People's Liberation Army of persistent computer intrusions to snatch U.S. government and industrial secrets. Mandiant's findings mark the first time cyber researchers have published evidence tracing breaches to a Chinese military unit. The revelations were first reported by The New York Times on Monday.

During Wednesday's announcement, Assistant Attorney General Lanny Breuer made first mention of the research during a discussion with business executives. He quoted from a line in the paper that stated, "Since 2006, Mandiant has observed [the alleged PLA wing] compromise 141 companies spanning 20 major industries."

Some technology executives on Wednesday said pegging responsibility for IP theft on specific entities might not be the best initial countermeasure. "I would like to see my industry first understand why are these attacks happening and why did they succeed" in order to minimize the damage, Jack Danahy, IBM director of North American security consulting, said during an interview.

FROM OUR SPONSORS

sponsored

JOIN THE DISCUSSION

By using this service you agree not to post material that is obscene, harassing, defamatory, or
otherwise objectionable. Although Nextgov does not monitor comments posted to this site (and has
no obligation to), it reserves the right to delete, edit, or move any material that it deems to
be in violation of this rule.

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

Data-Centric Security vs. Database-Level Security

Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.